internal/openvex: update handler test

Updates handler tests to have more accurate package paths.
This doesn't affect anything right now, but will be relevant for
future features/testing.

Change-Id: Ia72c749cdaf263d2a425f349f72630cda576b5f0
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/598593
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Zvonimir Pavlinovic <[email protected]>

internal/osv: add review status

Ecosystem metrics cannot pick up REVIEWED vs UNREVIWED unless
govulncheck produces it.

Change-Id: Ia6ea1ef7cf681ac51e18dd32748dc658a72ebad9
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/591055
Reviewed-by: Tatiana Bradley <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Run-TryBot: Zvonimir Pavlinovic <[email protected]>

all: remove unit tests for staticcheck, unparam, and spellcheck

Those should not be unit tests and, more importantly, they should not be
running on builders.

Change-Id: I70504fedce3bad17ac408dc6f208d61fb7bd6071
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/587097
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Ian Cottrell <[email protected]>
Run-TryBot: Zvonimir Pavlinovic <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>

internal/openvex: add vex types

updates golang/go#62486

Change-Id: I550ca00f1209e21ee3fef91128d0522494b9d994
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/575857
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Zvonimir Pavlinovic <[email protected]>

cmd/govulncheck: mask line numbers and columns

These can in principle change for stdlib. Although we always pretend we
are running against go1.18, the actual stdlib underneath can be
different. This could result in different line numbers and columns.
There currently does not exist a clean way of masking line position for
stdlib paths, so we mask everything with placeholders.

Change-Id: I08628acbf10aa3f36b969bac5745ae3b4d52f284
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/562215
LUCI-TryBot-Result: Go LUCI <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Maceo Thompson <[email protected]>
Run-TryBot: Zvonimir Pavlinovic <[email protected]>

internal/scan: add binary extract mode

The extract mode spits out a json blob representing the minimal
representation of a Go binary needed for govulncheck vulnerability
detection. binary mode accepts both a Go binary and this representation
as an input.

The contents of extract should be regarded as a blob. The users of this
flag should not rely on its representation. It might change in the
future.

Change-Id: I81027062d34609fed7541ad2092d4cbe5df0d118
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/542035
Run-TryBot: Zvonimir Pavlinovic <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Ian Cottrell <[email protected]>
Reviewed-by: Maceo Thompson <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>

cmd/govulncheck: update test data

Generated with 'go test -update' for changes introduced by CL 555515.

For golang/go#65084.

Change-Id: I05938ce2755b6acdd42efc3fe9f51a485d8ca405
Cq-Include-Trybots: luci.golang.try:x_vuln-gotip-linux-amd64-longtest
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/555655
Auto-Submit: Dmitri Shuralyov <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
Reviewed-by: Zvonimir Pavlinovic <[email protected]>

all: go get golang.org/x/tools@74c255b

go get golang.org/x/tools@74c255b # CL 519295
go mod tidy

Pulling in the fix for unnecessary dependency on *types.StdSizes, which
is non guaranteed behavior.

Updates golang/go#62103

Change-Id: I351e98f59dafc728b6821330b897a0457f4127d1
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/520555
TryBot-Result: Gopher Robot <[email protected]>
Run-TryBot: Cuong Manh Le <[email protected]>
Reviewed-by: Robert Findley <[email protected]>
Auto-Submit: Hyang-Ah Hana Kim <[email protected]>
Auto-Submit: Cuong Manh Le <[email protected]>
Reviewed-by: Hyang-Ah Hana Kim <[email protected]>

internal/scan: fix double line spacing

Change-Id: I67d096196a4e54a12b4213c8011406a9ff65759e
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/508921
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Julie Qiu <[email protected]>
Reviewed-by: Julie Qiu <[email protected]>
Run-TryBot: Ian Cottrell <[email protected]>
Auto-Submit: Ian Cottrell <[email protected]>

internal/vulncheck/internal/buildinfo: remove unused field

This addresses failures on builders.

Change-Id: I065336fb6147450bf0da9740236bd6258f434528
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/507275
Run-TryBot: Zvonimir Pavlinovic <[email protected]>
Reviewed-by: Ian Cottrell <[email protected]>
Auto-Submit: Zvonimir Pavlinovic <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>